The reason for the lack of a ready-made

[hasibaakterss3309]

Options for integrating Bitrix and Keycloak
Unfortunately, there is no ready-made integration module in the Bitrix App Store. Although there is interest in such a development from corporate Bitrix users. product is not that no one can make it, but rather that with a certain common set of parameters it is impossible to create a universal logic of redirects, user authentication/logout, user creation upon first login, etc. And such universal things as exchange methods can be created, but this is not enough for the application to work.

Earlier, in one of the projects, we integrated Keycloak with Bitrix24 CRM by customizing the social services module. This module allows you to log in via social kuwait telegram number database networks and can be modified in such a way that Keycloak is also used for authorization. But, firstly, the customer wanted seamless integration without intermediaries in the form of social networks. Secondly, our platform has its own API, which allows you to implement this seamlessness.

The customer suggested connecting BUS the same way they connected their other systems — using the OpenID Connect (OIDC) module for Apache. The web server module could solve the problem globally. This module allows Apache to work as a relying party:

the user enters his data through the authorization form;
OIDC establishes a connection with Keycloak and identifies the user;
It then passes the identification information to applications running on the web server and establishes an authentication session for the identified user.
However, after several experiments, the module did not work correctly, so I had to write such a check myself. It uses exchange via REST API. The B2B platform, like Keycloak, has its own API, so integration via it is a working method.

We will tell you in more detail how we did authorization on the B2B platform via keycloak using the OpenID Connect protocol.